madhushreeag opened a new pull request, #40178:
URL: https://github.com/apache/superset/pull/40178
### SUMMARY
When editing a role with a large number of users, saving any change — even
just renaming the role — would fail with a 413 or 404 error. This happened
because the edit modal unconditionally sent all
user IDs for the role on every save, regardless of whether the user list
changed. With hundreds or thousands of users, the request body became large
enough to hit server-side size limits (413).
Additionally, Flask-AppBuilder's update_role_users endpoint would return
404 if the sent user IDs contained any duplicates (which could occur due to
pagination instability when loading users), because
it strictly required the number of queried DB records to exactly match the
number of sent IDs.
Backend (superset/security/manager.py)
- Added request to Flask imports, expose/protect/safe/API_RESULT_RES_KEY
from flask_appbuilder, ValidationError from marshmallow, IntegrityError from
sqlalchemy
- Overrode update_role_users in SupersetRoleApi — deduplicates user IDs
with set() before querying, and drops the strict len(users) != len(user_ids)
check that caused 404s when duplicate IDs were
present
Frontend (RoleListEditModal.tsx)
- Compares current user IDs against the loaded roleUsers state before
submitting
- Only calls updateRoleUsers when the list actually changed — a save that
only touches the role name, permissions, or groups sends zero user ID bytes
- Deduplicates user IDs via new Set(...) as a safety net for when users
are modified
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
we see errors like
PUT http://localhost:9000/api/v1/security/roles/69/users 404 (NOT FOUND)
### TESTING INSTRUCTIONS
<!--- Required! What steps can be taken to manually verify the changes? -->
### ADDITIONAL INFORMATION
<!--- Check any relevant boxes with "x" -->
<!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
- [ ] Has associated issue:
- [ ] Required feature flags:
- [ ] Changes UI
- [ ] Includes DB Migration (follow approval process in
[SIP-59](https://github.com/apache/superset/issues/13351))
- [ ] Migration is atomic, supports rollback & is backwards-compatible
- [ ] Confirm DB migration upgrade and downgrade tested
- [ ] Runtime estimates and downtime expectations provided
- [ ] Introduces new feature or API
- [ ] Removes existing feature or API
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
